CloudFlare, a web performance and security startup, has to block 60 million requests against its WordPress customers within one hour elapse time. The online requests reprise the WordPress scenario targeting administrative accounts from a botnet supported by more than 90,000 separate IP addresses. A CloudFlare spokesman asserted that if hackers successfully control WordPress servers, potential damage and service disruption could exceed common distributed denial of service (DDoS) attack defenses.

Why should we care?

According to Wikipedia,

WordPress is used by over 14.7% of Alexa Internet’s “top 1 million” websites and as of August 2011 manages 22% of all new websites. WordPress is currently the most popular blogging system in use on the Web, powering over 60 million websites worldwide.

Two-thirds of the WordPress sites are out of date…

We can see by searching Google Trends that search volumes for words such as WordPress Security and WordPress Backup are trending up with no sign of slowing down. If we look at small segments of time related to keywords in the marketplace we can see that backup and security solutions for WordPress as follow-up remedies after the situation has escalated.

In other words: WordPress users wait until a problem happens, then they complain they left the door unlocked.

How does this affect me?

Imagine the value of your personal data.

Think about the previous line item “WordPress is used by over 14.7% of Alexa Internet’s “top 1 million” websites”

How many times a month do you visit a WordPress site?
(hint… you are on a WordPress site right now.)

How many of those sites have you joined up as a member?

Did you release your e-mail or privately talk with another member?

Does your e-mail, username, and password match one of your utility or bank logins?

Did you click on a message link from a friend only to realize it was spam?

Did you download a nasty virus on your computer off the web?

Did you wait a few extra seconds waiting for a site to load?

Simply said: there are hundreds of ways that a WordPress virus or hack can affect you, your business, or the people you care about. Some of them are simply nuisance items and others are a complete panic.

If you own a site that has been attacked, the resulting damage can cause irreparable damage to your business and your community members. Repairing a site can often cost thousands of dollars in lost income and technical fees (and the trust of your users.)

WHAT CAN YOU DO?

If you use WordPress: UPDATE IT along with ALL of the plugins you use.

Share this article with anyone who uses WordPress.

Encourage them to update the software they use and make frequent back-ups to protect themselves and their users.

We all have a responsibility to help each other have a positive and safe experience on the web.

Big Names (outside of the Department of Homeland Security) are talking about it.